Skip to content

fix: resolved failing approval generation on update and delete with metadata#5304

Merged
akhilmhdh merged 2 commits intomainfrom
fix/approval-failing
Jan 30, 2026
Merged

fix: resolved failing approval generation on update and delete with metadata#5304
akhilmhdh merged 2 commits intomainfrom
fix/approval-failing

Conversation

@akhilmhdh
Copy link
Member

@akhilmhdh akhilmhdh commented Jan 28, 2026

Context

Secret approval request was failing for secrets with encrypted metadata on update and delete when encrypted value existed

Screenshots

Steps to verify the change

  1. Update and delete with encrypted metadata should work fine with approval

Type

  • Fix
  • Feature
  • Improvement
  • Breaking
  • Docs
  • Chore

Checklist

  • Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
  • Tested locally
  • Updated docs (if needed)
  • Read the contributing guide

@maidul98
Copy link
Collaborator

maidul98 commented Jan 28, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Jan 28, 2026

Greptile Overview

Greptile Summary

Fixed a bug where secret approval requests were failing for secrets with encrypted metadata during update and delete operations. The issue occurred because the metadata field from latestSecretVersions (database) was being spread into the commit object and then overridden by an input metadata parameter, causing conflicts.

Changes made:

  • Update operation: Removed metadata from input destructuring and from the commit object. Now extracts metadata from database response and excludes it from the spread operation.
  • Delete operation: Similarly extracts metadata from database response, excludes it from spread, and explicitly converts it to secretMetadata using JSON.stringify(metadata || []).

This ensures the correct metadata handling where secretMetadata (the processed/encrypted version) is used in commits while avoiding conflicts with the raw database metadata field.

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • The fix is targeted and addresses a specific field conflict issue. The changes correctly separate database metadata from user input, preventing overwrites. The logic is sound and the implementation follows existing patterns in the codebase.
  • No files require special attention

Important Files Changed

Filename Overview
backend/src/ee/services/secret-approval-request/secret-approval-request-service.ts Fixed metadata field conflict by extracting and excluding database metadata from spread operations during update and delete operations

@akhilmhdh akhilmhdh force-pushed the fix/approval-failing branch from 25c0267 to a0a54ee Compare January 29, 2026 14:21
@akhilmhdh akhilmhdh merged commit ad12a26 into main Jan 30, 2026
9 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sheensantoscapadngan sheensantoscapadngan sheensantoscapadngan approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@akhilmhdh @maidul98 @sheensantoscapadngan